Risk Management Initiatives
Every fiscal year, the Board of Directors establishes the “Policy on Risk Control,” which specifies the overall risk management policy, specific risk management policies and the organization and system for risk management. In accordance with this policy, the Executive Committee establishes detailed rules and regulations related to risk management and confirms the Companywide risk status every quarter. The Bank’s risk management structure includes the Risk Management Group of the Risk Management Division, which is responsible for supervising overall risk management activities, specific risk management divisions and the Internal Audit Division to perform internal audits. We have also established the Risk Management Committee, chaired by the officer in charge of the Risk Management Division, and an Asset-Liability Management (ALM) Committee, chaired by the officer in charge of the Planning Division, as advisory bodies to the Executive Committee concerning risk management.Risk Management Structure
Overall Management of Risk
The Bank observes its basic policies relating to overall Basic basic policies of risk management, which are governed by the Policy on Risk Control and Overall Risk Management Rules established under the policy. The Company comprehensively assesses risks for each risk category and manages them by comparing them with equity capital and controlling them.
The Bank observes its basic policies relating to credit risk, which are governed by the Policy on Risk Control and the Credit Risk Rules established under the policy. Currently, our risk management activities relating to credit risk are limited to the ATM settlement business, the ALM of interbank deposits placed with top-rated partner financial institutions, bonds, the lending of funds in the call-money market, temporary ATM payment amounts due and small personal loans to minimize credit risk. In addition, the Bank performs self-assessment of asset quality as appropriate and establishes an allowance for credit losses in accordance with its self-assessment and reserve policies and rules.
Basic policies related to marketability risk are governed by the Basic Policy on Risk Control and by the Market Risk Rules established thereunder. The Marketability Risk Rules include the limits on the maximum level of funds at risk, the market position limits and the loss allowance limits. The Risk Management Division measures and monitors market risk on a daily basis in light of these limits and reports the results to management, including the Executive Committee. At the ALM Committee meeting held once a month, the Bank's market risk position, expected trends in interest rates and other matters are reported and the policy for the risk management operation is determined.
The Bank observes its basic policies relating to liquidity risk, which are governed by the Basic Policy on Risk Control and the Liquidity Risk Rules established under the policy. The Liquidity Risk Rules include the limits regarding the cash gaps arising from differences between the period of the management of invested funds and the timing of the liquidation. The Liquidity Risk Rules establish limits regarding the cash gaps arising from differences between the duration of invested funds and those procured to meet current cash needs. The Risk Management Division measures and monitors liquidity risk on a daily basis in light of these limits and reports the results to management, including the Executive. In the event of a cash shortage, according to the measures corresponding to each scenario, which are designed prior to those events, companywide actions are taken to secure the liquidity in a fast and flexible manner. Hence, there shall be no concern on liquidity risk.
Overall Management of Operational Risk
The Bank observes its basic policies relating to operational risk, which are governed by the Basic Policy on Risk Control and the Operational Risk Rules established under the policy. The operational risks include, the Bank recognizes, administrative risk, systems risk, reputation risk, legal risk and other operational risks, and these risks have been managed comprehensively from a qualitative and a quantitative standpoint.
Seven Bank's business consists primarily of the execution of transactions, mainly through its ATM network, without involving face-to-face interaction. The Bank observes its Administrative Risk Rules, which were established in accordance with the Basic Policy on Risk Control, which includes a basic policy regarding administrative risks particularly due to this special characteristic of our business. To manage administrative risks, we have improved the administrative rules that are based on transactions without face-to-face interaction. In addition,Establishment of Risk Management Policy Decisions on the framework for management of reports and instructions submitted by the Board of Directors. Risk management system We strictly implement voluntary inspections by all businesses and centers, and internal audits by the Auditing Department, in order to prevent administrative errors and internal improprieties. To address any problem found through scandals, operation-related accidents, complaints and inquiries, the Bank has a system in place to quickly analyze the cause of such problems and determine measures to prevent their recurrence. Furthermore, by verifying administrative error reports and self-monitoring, the Bank strives to recognize the occurrence of administrative errors in all divisions and centers and manage administrative risk, including potential administrative risk.
The Bank observes its basic policies relating to systems risk, which are governed by the Basic Policy on Risk Control and the Systems Risk Rules established under the policy. The Bank seeks to thoroughly improve systems development efficiency, service quality and safe operation of systems. The system is configured by making full use of the latest IT (information technology) and by duplicating and multiplexing network and hardware equipment, and by implementing measures such as switching operation at the backup center in the event of a disaster or failure. Libraries such as files and programs are backed up as appropriate based on the relative importance to operations, and such backup data is stored offsite as a precaution against unforeseeable events. In addition, the Bank takes the utmost care in information management, including the use of firewalls to block unauthorized access to the Bank's system, monitoring access 24 hours/day and 365 days/year, encrypting all electronic transactions with customers, and employing antivirus software. In addition, we have established a contingency plan in advance to prepare for contingencies such as failure and natural disasters, and conduct regular drills so that our customers can use our services with peace of mind.
The Bank observes its basic policies relating to reputation risk, which are governed by the Basic Policy on Risk Control and the Reputation Risk Rules established under the policy. Efforts are made to gather information on rumors on a daily basis, and a company-wide communication system and timely and appropriate disclosure when rumors occur.
The Bank observes its basic policies relating to reputation risk, which are governed by the Policy on Risk Control and the Reputation Risk Rules established under the policy. The Bank works to gather information concerning its reputation on a daily basis and maintains a response system, including a companywide communication structure and timely and appropriate disclosure to deal with events that affect its reputation.
The Bank observes its basic policies relating to legal risk, which are governed by the Basic Policy on Risk Control and the Legal Risk Rules established under the policy. The Bank strives to minimize or prevent the manifestation of legal risks and address such risks accurately and efficiently to avert or minimize losses in the event that such risks materialize.
Other Operational Risks
The Bank observes its basic policies relating to other operational risks, which are governed by the Basic Policy on Risk Control. The other major operational risks recognized are human risk and tangible assets risk and have been managed.
Establishment of Business Continuity Plan (BCP)
To fulfill our social responsibility as a bank, Seven Bank has defined the following three operations as top priorities for continuity in the event of a disaster, large-scale accident, or other crisis: the ATM business; the fund settlement business serving banks and ATM partners; and withdrawals from the Bank’s accounts and money transfer operations. Each division has also created a BCP to enable continuity of these essential operations in the event of an accident, disaster, or other crisis. To ensure that the BCP is implemented, each division regularly conducts BCP training, envisioning damage to data centers and other facilities.